Privacy Policy for Flow-Logic

Last updated: May 2026

Overview

Flow-Logic is a web-based educational tool for creating, editing, saving, loading, and simulating flowcharts. This Privacy Policy explains how Flow-Logic processes personal data when schools, MATs, staff, learners, purchasers, and support contacts use the public website, licence checkout, IP-locked play area, admin/support features, and optional Google Drive integration.

This notice is written to support UK school and MAT data protection reviews, including DPIA and procurement checks. It is not a substitute for a school's own DPIA, but it gives the supplier information needed to assess the nature, scope, context, purposes, lawful bases, retention, recipients, risks, and mitigations for Flow-Logic.

Who We Are and How to Contact Us

Flow-Logic is published by Flow-Logic Educational Tools. For data protection, licence, or school procurement questions, contact info@flow-logic.co.uk or use the online contact form. A postal address and signed school Data Processing Agreement can be provided to schools, MATs, and public-sector procurement teams on request.

Flow-Logic has not appointed a statutory Data Protection Officer. Data protection enquiries should be sent to the contact details above.

School DPIA Summary

  • Nature of processing: web access control, licence administration, payment processing, support handling, security logging, optional local draft restore, and optional Google Drive save/load selected by the user.
  • Scope: staff and learners at a licensed school/site may use the play area. Learners do not need individual Flow-Logic accounts, names, email addresses, or profiles.
  • Context: Flow-Logic may be used by children and young people in schools under staff direction. The service is designed for education and minimises learner-identifying data.
  • Purposes: to provide the licensed educational tool, control authorised access, support customers, process purchases, maintain security, and meet accounting/legal duties.
  • Key mitigations: no pupil account creation, no behavioural advertising, no sale of personal data, no AI training on learner work, no automated decision-making about learners, passwords stored as hashes after setup, project-file contents not stored on Flow-Logic servers, and limited first-party cookies/storage.

Controller and Processor Roles

Flow-Logic acts as an independent controller for personal data it uses to run its own website and business: licence purchases, payment records, invoices, support messages, access administration, security logs, and service-level usage records.

Where a school or MAT uses Flow-Logic with learners and any learner personal data is processed solely to provide the school-selected educational service, Flow-Logic will act as a processor for the school to that extent. The school remains the controller for its learners' education records, classroom use, user instructions, and any decision to use Google Drive or other third-party storage with learners.

If Flow-Logic processes personal data for its own legal, security, billing, or operational purposes, it remains an independent controller for that processing. Flow-Logic does not process learner personal data for advertising, profiling, resale, or unrelated product research.

Information We Process

Depending on how Flow-Logic is used, we may process:

  • Purchase and licence details: purchaser name, work email, school/organisation username, organisation website link, school type, registered public IP address, requested model access password, teacher admin panel password, detected payer IP, payment status, and account timestamps.
  • Stripe payment records: checkout session ID, payment ID, customer/billing details, invoice/receipt links, totals, tax/VAT amounts, and payment confirmation metadata.
  • Access-control records: authorised school public IP addresses, site labels, access-password status, password hashes after setup, teacher admin panel status, teacher contact details, revocation status, and related admin timestamps.
  • Teacher Admin Panel records: teacher-created one-hour home access passwords, teacher-submitted IP changes, creation IP address, usage counts, expiry times, and audit timestamps.
  • Licensed-page usage records: protected-page hit counts per authorised IP, last access time, and first-party random visitor identifiers where usage measurement is enabled.
  • Support data: contact form messages, IP correction requests, replies, message history, institution name, email address, IP address, and user-agent details submitted with the request.
  • Technical and security data: request metadata such as IP address, date/time, browser/user-agent, session status, and server/security logs.
  • Local learner work: flowchart drafts saved in the user's own browser storage on the device being used. These drafts are not sent to Flow-Logic servers by the local draft-restore feature.
  • Google Drive data, if used: Google account authentication in the browser, selected file/folder metadata, and selected Flow-Logic project-file content handled through Google APIs.

Flow-Logic does not ask for special category data, criminal-offence data, medical data, free-text pupil profiles, or safeguarding information. Users should not include such information in support messages or project files.

Learners and Children's Data

Flow-Logic can be used by learners under a school licence, but it is designed so learners do not need individual Flow-Logic accounts. The standard play area uses the school's authorised public IP address and shared school access credentials rather than pupil usernames.

  • No learner name, email address, date of birth, class group, or school MIS identifier is required by Flow-Logic.
  • Flowchart drafts are stored locally in the learner's browser unless the user chooses to save a project file elsewhere.
  • Project-file contents are not stored on Flow-Logic servers through the local save/draft features.
  • Where a school enables Google Drive use, the school is responsible for deciding whether learners may use Google accounts and Drive storage under the school's Google Workspace arrangements.
  • Flow-Logic does not use learner data for marketing, advertising, profiling, AI training, or automated decisions.

Purposes and Lawful Bases

Under UK GDPR, we rely on the following lawful bases:

  • Licence purchase and service delivery: contract, where processing is needed to sell, activate, and provide a Flow-Logic licence.
  • School access control: contract and legitimate interests, to make sure only authorised schools/sites access licensed resources.
  • Payments, tax, VAT, invoices, and accounting: contract and legal obligation.
  • Support, IP correction requests, and customer communications: contract and legitimate interests, to respond to enquiries and keep an audit trail of support actions.
  • Security logging and misuse prevention: legitimate interests, to protect the service, customers, and users.
  • Limited usage measurement: legitimate interests, to understand licensed-site usage, detect unusual access patterns, and support licence administration. Where a school requires consent for non-essential analytics, the usage cookie should be blocked or disabled for that deployment.
  • Optional Google Drive save/load: user-initiated processing needed to provide the requested save/load feature. Google account processing is also subject to Google's own terms and privacy notices.
  • School-directed learner processing: where Flow-Logic acts as a processor, the school decides its own lawful basis for classroom use, commonly public task or legitimate interests depending on the school type and context.

Cookies and Local Browser Storage

Flow-Logic uses cookies and similar browser storage only for access, security, draft restore, and limited usage measurement. These technologies are first-party unless a user chooses to use Google Drive or Stripe checkout.

  • Access/admin session cookies: first-party cookies used to keep login and admin sessions secure. These are necessary for the requested service and normally last for the configured session period.
  • flowlogic_usage_id: a first-party, random, HttpOnly visitor identifier used to reduce duplicate counting in licensed-page usage reports. It does not contain a name, email address, school name, or project content. It may last up to 12 months if enabled.
  • flowlogic_model_draft_[model] cookie marker: a first-party marker showing that a local browser draft exists for a specific model. It may last up to 30 days unless cleared earlier.
  • flowlogic_model_draft_[model] local storage: local browser storage containing the user's draft flowchart for that model. It stays on the device/browser until the user clears the draft, the browser storage is cleared, or the device/browser policy removes it.

Blocking or clearing cookies/storage may stop draft restore, require a fresh login, or make unique-visitor counts less accurate, but the core educational flowchart tool does not rely on advertising cookies.

Google Drive and Google Picker

Flow-Logic optionally integrates with Google services so a user can save and load Flow-Logic project files (typically .flow files) in their own Google Drive. This feature is optional and user initiated.

When Drive Save or Drive Load is used, Flow-Logic uses:

  • Google Drive API to upload, download, and update selected Flow-Logic project files.
  • Google Picker API to let the user choose a Drive file or folder.

Flow-Logic currently requests these Google permissions:

  • https://www.googleapis.com/auth/drive.file - create, open, and update files created by or selected for use with Flow-Logic.
  • https://www.googleapis.com/auth/drive.metadata.readonly - read file/folder metadata needed for Drive Picker and Drive file selection. This does not give Flow-Logic permission to read the full contents of every Drive file.

Flow-Logic does not store Google access tokens on its server. Project files are sent between the browser and Google APIs when the user chooses to save or load. Flow-Logic servers do not keep copies of Google Drive project files.

Stripe Payments and VAT Invoices

Payments are processed by Stripe. Flow-Logic does not store full card numbers, CVC values, or full bank-card credentials on its own servers. Stripe collects billing information needed to process payment, receipts, invoices, tax, fraud prevention, and compliance.

Stripe sends the buyer's payment receipt/invoice to the checkout email address. Where Stripe Tax applies, VAT values are shown on Stripe billing documents. Flow-Logic receives payment confirmation and reference data so it can process licence setup and support the purchase.

Access Passwords

During checkout, a school provides a model access password and a separate teacher admin panel password for automated setup. The model access password is a shared site access credential, not an individual pupil password. It must be unique to Flow-Logic and must not be reused from email, MIS, Google, Microsoft, network, or any other sensitive account.

Flow-Logic stores model access passwords as secure hashes for login checks, and stores the current model access value where needed so authorised teachers can see and manage the shared site password in the Teacher Admin Panel. Purchase notifications may include the submitted setup values, so schools should treat them as managed site credentials and ask for a reset if they have been shared too widely.

The Teacher Admin Panel lets authorised staff view and change the model access password, update the registered school IP address within the yearly limit, create one-hour teacher home access passwords, and view task solution passwords. Flow-Logic keeps audit records for these actions so licence administrators can monitor unusual activity.

Recipients, Sub-Processors, and International Transfers

Flow-Logic uses a small number of service providers to operate the service:

  • Stripe: payment processing, tax calculation, invoices, receipts, fraud checks, and billing records.
  • Google: optional Drive API, Google Picker, and Google account authentication when a user chooses Drive save/load.
  • Hosting, database, and email infrastructure: website hosting, database storage, server logs, and transactional email. The configured email provider is currently Hostinger infrastructure for Flow-Logic email.
  • School-selected systems: where a school chooses to use Google Drive or another storage/location outside Flow-Logic, the school's chosen provider is responsible for that processing under the school's own arrangements.

These providers may process data in the UK, EEA, United States, or other jurisdictions. Where personal data is transferred internationally, Flow-Logic relies on the transfer safeguards made available by the relevant provider, such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or equivalent contractual and organisational safeguards.

Provider privacy information: Stripe Privacy Policy, Google Privacy Policy.

Security Measures

Flow-Logic uses proportionate technical and organisational measures, including:

  • HTTPS/TLS for live website traffic where the site is served over HTTPS.
  • IP-based licence controls and access passwords for licensed pages.
  • Hashed storage of access passwords after admin setup.
  • Restricted admin areas and admin session controls.
  • Database-backed access records and support logs with limited operational access.
  • Server and application logs used to investigate errors, abuse, and security incidents.
  • Data minimisation by avoiding learner accounts and avoiding server-side storage of learner project files.

Retention

We keep personal data only for as long as needed for the relevant purpose:

  • Purchase, invoice, VAT, and accounting records: normally up to 7 years after the transaction or longer if required by law, tax, audit, dispute, or fraud-prevention needs.
  • Licence and access-control records: for as long as the licence remains active, then for a reasonable period needed for support, audit, dispute handling, and security.
  • Support messages and IP correction requests: normally up to 24 months after the last meaningful contact unless needed for an active issue, legal claim, school audit, or security matter.
  • Security and technical logs: normally kept for a limited operational period and longer only where needed to investigate errors, misuse, fraud, or security incidents.
  • Usage visitor identifiers: up to 12 months in the browser if enabled; related server records are reviewed and deleted or anonymised when no longer needed for licence administration or security.
  • Local browser drafts: kept on the user's own device/browser until cleared by the user, browser, or school device policy. The draft marker cookie lasts up to 30 days.
  • Google Drive files: retained in the user's Google Drive according to the user's or school's Google retention settings, not by Flow-Logic.

School Data Processing Agreement

Where a school or MAT requires Flow-Logic to act as a processor for school-controlled learner personal data, Flow-Logic can provide a short written Data Processing Agreement. The standard commitments are:

  • Process school-controlled personal data only on documented school instructions unless required by law.
  • Ensure people with access to personal data are subject to confidentiality obligations.
  • Use appropriate technical and organisational security measures.
  • Use only necessary sub-processors and provide information about them to schools on request.
  • Assist schools with data subject requests, deletion, security incidents, and DPIA/procurement questions where reasonably required.
  • Notify the school without undue delay after becoming aware of a confirmed personal data breach affecting school-controlled data.
  • Delete or return school-controlled personal data at the end of the service where practical, unless retention is required by law or needed for legitimate legal/security records.
  • Provide reasonable audit and compliance information rather than unrestricted direct access to production systems.

Your Data Protection Rights

Depending on the lawful basis and context, individuals may have rights to access, rectification, erasure, restriction, objection, data portability, withdrawal of consent where consent is used, and not to be subject to solely automated decisions with legal or similarly significant effects.

Purchasers, staff contacts, and support users can exercise rights by contacting info@flow-logic.co.uk or using the contact form. Learners and parents/carers should usually contact their school first, because the school controls classroom use and can verify the request. Flow-Logic will support the school where it acts as processor.

Complaints

Please contact Flow-Logic first so we can try to resolve the issue. You also have the right to complain to the UK Information Commissioner's Office (ICO): https://ico.org.uk/make-a-complaint/.

Automated Decision-Making, Profiling, AI, Advertising, and Marketing

Flow-Logic does not make automated decisions about learners, does not profile learners, does not serve behavioural advertising, does not sell personal data, and does not use learner work or project files to train AI models. Flow-Logic may send transactional service emails about purchases, licence setup, support, invoices, or security.

Changes to This Policy

This Privacy Policy may be updated occasionally to reflect changes to the application, providers, or legal requirements. The "Last updated" date will be revised when material changes are made.

Contact

If you have questions about this Privacy Policy, school DPIA information, or a Data Processing Agreement, contact info@flow-logic.co.uk or use the online contact form.
